CSecurityDesc::ToString

Converts a security descriptor to a string format.

bool ToString(
   CString * pstr,
   SECURITY_INFORMATION si = OWNER_SECURITY_INFORMATION | 
      GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | 
      SACL_SECURITY_INFORMATION 
) const throw(...);

Parameters

  • pstr
    Pointer to a null-terminated string which will receive the string-format security descriptor.

  • si
    Specifies a combination of SECURITY_INFORMATION bit flags to indicate the components of the security descriptor to include in the output string.

Return Value

Returns true on success, false on failure.

Remarks

Once the security descriptor is in string format, it can more easily be stored or transmitted. Use the CSecurityDesc::FromString method to convert the string back into a security descriptor.

The si parameter can contain the following SECURITY_INFORMATION flags:

Value

Meaning

OWNER_SECURITY_INFORMATION

Include the owner.

GROUP_SECURITY_INFORMATION

Include the primary group.

DACL_SECURITY_INFORMATION

Include the DACL.

SACL_SECURITY_INFORMATION

Include the SACL.

If the DACL is NULL and the SE_DACL_PRESENT control bit is set in the input security descriptor, the method fails.

If the DACL is NULL and the SE_DACL_PRESENT control bit is not set in the input security descriptor, the resulting security descriptor string does not have a D: component. See Security Descriptor String Format for more details.

This method is only available with Windows 2000 and later, as it calls ConvertStringSecurityDescriptorToSecurityDescriptor.

Requirements

Header: atlsecurity.h

See Also

Concepts

CSecurityDesc Class

CSecurityDesc Members

SECURITY_DESCRIPTOR

CSecurityDesc::FromString